Reverse Engineering Asked on December 26, 2021
i have a strange apk which I took a closer look at, among others with jadx-gui. It is a gaming app that requires an unusual amount of permissions according to the manifest file. I installed and played the game on a testphone. The requested permissions are not allowed for the game at all. Found a class in the code with the following suspicious method:
public void doInBackground()
{
...
String deviceId = ((TelephonyManager) this.a.getSystemService("phone")).getDeviceId();
...
a.add(new BasicNameValuePair(new String("imei"), deviceId));
...
try {
httpPost.setEntity(new UrlEncodedFormEntity(a));
} catch (UnsupportedEncodingException e) {
...
This method collects sensitive data and sends it via http.
I don’t see that this class is called with this method. Searched for the name of the method, but found nothing. Is there a way to call this method without seeing it in the jadx-gui?
Otherwise I ask myself why this method was implemented if it is never used.
In Android there is a class named AsyncTask, designed for running processes in the background without blocking the UI.
The developer extends AsyncTask and implements doInBackground() member function which is called by the system. After instancing the derived class and calling the instance's .execute() method, Android will, asynchronously call doInBackground().
The program does not call functions of AsyncTask directly.
Link to documentation: https://developer.android.com/reference/android/os/AsyncTask
Answered by Yotamz on December 26, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP